Randon Access Violation on dhcpcsvc6.DLL

delphi package - automated exception handling
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Re: Randon Access Violation on dhcpcsvc6.DLL

Post by madshi »

Seems like a crash in a system DLL. Don't know what's causing it. Doesn't seem to be madExcept's fault, if that's what you're wondering about?
tprami
Posts: 12
Joined: Tue Apr 11, 2017 5:03 am

Re: Randon Access Violation on dhcpcsvc6.DLL

Post by tprami »

madshi wrote:Seems like a crash in a system DLL. Don't know what's causing it. Doesn't seem to be madExcept's fault, if that's what you're wondering about?
Nope, I think it's very similar to what is in this thread. This environment (Server/Terminal services) and so on are similar, the thread above.

Just posted to anyone can check the call stack.

I have an idea of culprit, but when it goes to Test, don't know.

-Tee-
tprami
Posts: 12
Joined: Tue Apr 11, 2017 5:03 am

Re: Randon Access Violation on dhcpcsvc6.DLL

Post by tprami »

At least from older time there are reports that THttRIO is not DEP compatible.

Workaround is, of course, disable DEP all together. So far no idea how to go around this tough in safe manner.

-Tee-
tprami
Posts: 12
Joined: Tue Apr 11, 2017 5:03 am

Re: Randon Access Violation on dhcpcsvc6.DLL

Post by tprami »

The error happens randomly on the customers computer.

Latest error report below...

Have no idea what could be causing this, or no good guess what is causing this.

I was pondering does nayone has idea could this is the cause?

Code: Select all

thread $7a8:
727f1ca0 +173 dhcpcsvc.DLL                   DhcpIsEnabled
72fb6a84 +037 IPHLPAPI.DLL                   GetAdaptersAddresses
008d462d +00d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4d9a +032 KirjanpitoClient.exe madExcept UserWorkItemExceptFrame
75a43368 +010 kernel32.dll                   BaseThreadInitThunk
Full error report :

Code: Select all

date/time          : 2017-08-11, 11:33:51, 87ms
computer name      : xxxx
wts client name    : xxxx
user name          : Administrator <admin>
registered owner   : Windows User
operating system   : Windows 2008 R2 x64 Service Pack 1 build 7601
system language    : Finnish
system up time     : 1 day 8 hours
program up time    : 1 second
processors         : 4x Intel(R) Xeon(R) CPU E3-1220 V2 @ 3.10GHz
physical memory    : 30010/32736 MB (free/total)
free disk space    : (C:) 10,77 GB (K:) 262,97 GB
display mode       : 1920x1080, 16 bit
process id         : $e74
allocated memory   : 30,93 MB
largest free block : 1,04 GB
executable         : KirjanpitoClient.exe
exec. date/time    : 2017-08-10 13:04
version            : 2017.1.1.1105
bde version        : 5.2.0.2
compiled with      : Delphi 10.2 Tokyo
Lisenssinumero     : xxxx
contact name       : xxxx
contact email      : xxxx
madExcept version  : 4.0.18
callstack crc      : $fbec8fbf, $4532391e, $434fe045
exception number   : 1
exception class    : EAccessViolation
exception message  : Access violation at address 727F1CA0 in module 'dhcpcsvc.DLL'. Execution of address 727F1CA0.

thread $7a8:
727f1ca0 +173 dhcpcsvc.DLL                   DhcpIsEnabled
72fb6a84 +037 IPHLPAPI.DLL                   GetAdaptersAddresses
008d462d +00d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4d9a +032 KirjanpitoClient.exe madExcept UserWorkItemExceptFrame
75a43368 +010 kernel32.dll                   BaseThreadInitThunk

main thread ($fac):
77cb342c +5366 ntdll.dll                                                       RtlAllocateHeap
75b80cbd +06f1 KERNELBASE.dll                                                  MultiByteToWideChar
00ed5bba +0036 KirjanpitoClient.exe GR32                              2225  +6 TCustomMap.SetSize
00676320 +000c KirjanpitoClient.exe Vcl.Controls                               TControl.WMWindowPosChanged
0049b795 +0069 KirjanpitoClient.exe System.TypInfo                             {System.TypInfo}TPropSet<System.string>.SetProc
00499a71 +0099 KirjanpitoClient.exe System.TypInfo                             SetStrProp
0040a6f4 +004c KirjanpitoClient.exe System                              16  +0 TObject.GetInterface
00ed5953 +000f KirjanpitoClient.exe GR32                              2107  +1 TPlainInterfacedPersistent.QueryInterface
0040a6f4 +004c KirjanpitoClient.exe System                              16  +0 TObject.GetInterface
00ede0aa +005a KirjanpitoClient.exe GR32                              6364 +10 TCustomBackend.ChangeSize
00ed5f4f +0013 KirjanpitoClient.exe GR32                              2400  +1 TCustomBitmap32.ChangeSize
00ed5bba +0036 KirjanpitoClient.exe GR32                              2225  +6 TCustomMap.SetSize
01633f35 +00b5 KirjanpitoClient.exe STComponent.ValueWidget            191 +17 TSTValueWidget.Create
004d2331 +00ad KirjanpitoClient.exe System.Classes                             CreateComponent
004d255c +0088 KirjanpitoClient.exe System.Classes                             TReader.ReadComponent
004d2831 +0089 KirjanpitoClient.exe System.Classes                             TReader.ReadDataInner
004d279f +0067 KirjanpitoClient.exe System.Classes                             TReader.ReadData
004e0159 +0001 KirjanpitoClient.exe System.Classes                             TComponent.ReadState
00672ea3 +002f KirjanpitoClient.exe Vcl.Controls                               TControl.ReadState
00677751 +0025 KirjanpitoClient.exe Vcl.Controls                               TWinControl.ReadState
004d25f3 +011f KirjanpitoClient.exe System.Classes                             TReader.ReadComponent
004d2831 +0089 KirjanpitoClient.exe System.Classes                             TReader.ReadDataInner
004d2770 +0038 KirjanpitoClient.exe System.Classes                             TReader.ReadData
004e0159 +0001 KirjanpitoClient.exe System.Classes                             TComponent.ReadState
00672ea3 +002f KirjanpitoClient.exe Vcl.Controls                               TControl.ReadState
00677751 +0025 KirjanpitoClient.exe Vcl.Controls                               TWinControl.ReadState
004d3785 +01f5 KirjanpitoClient.exe System.Classes                             TReader.ReadRootComponent
004cd292 +0032 KirjanpitoClient.exe System.Classes                             TStream.ReadComponent
004c477f +0057 KirjanpitoClient.exe System.Classes                             InternalReadComponentRes
004c5edf +005f KirjanpitoClient.exe System.Classes                             InitComponent
004c5f6d +0061 KirjanpitoClient.exe System.Classes                             InitInheritedComponent
0063f86c +0064 KirjanpitoClient.exe Vcl.Forms                                  TCustomFrame.Create
016389aa +0016 KirjanpitoClient.exe MNFrame.Tilannekuvaus.Tunnusluvut   88  +1 TMNTilannekuvausTunnusluvutFrame.Create
017dce51 +0071 KirjanpitoClient.exe MNForm.Main                        460 +11 TMNMainForm.FormCreate
00640055 +0031 KirjanpitoClient.exe Vcl.Forms                                  TCustomForm.DoCreate
0063fbc5 +013d KirjanpitoClient.exe Vcl.Forms                                  TCustomForm.Create
0064b0d6 +0076 KirjanpitoClient.exe Vcl.Forms                                  TApplication.CreateForm
0180f869 +0115 KirjanpitoClient.exe KirjanpitoClient                   402 +30 initialization
75a43368 +0010 kernel32.dll                                                    BaseThreadInitThunk

thread $32c:
77ca0166 +0e ntdll.dll     NtWaitForMultipleObjects
75a43368 +10 kernel32.dll  BaseThreadInitThunk

thread $970:
77ca1f4f +0b ntdll.dll     NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll  BaseThreadInitThunk

thread $99c (TSTUpdateThread):
77c9f8da +00e ntdll.dll                                    NtWaitForSingleObject
75b615c8 +092 KERNELBASE.dll                               WaitForSingleObjectEx
75a4118f +03e kernel32.dll                                 WaitForSingleObjectEx
75a41143 +00d kernel32.dll                                 WaitForSingleObject
004337da +002 KirjanpitoClient.exe System.SysUtils         WaitForSyncWaitObj
00433923 +01f KirjanpitoClient.exe System.SysUtils         WaitOrSignalObj
0040b569 +065 KirjanpitoClient.exe System           16  +0 TMonitor.Wait
0040b5f8 +020 KirjanpitoClient.exe System           16  +0 TMonitor.Wait
004def3c +140 KirjanpitoClient.exe System.Classes          TThread.Synchronize
004df009 +04d KirjanpitoClient.exe System.Classes          TThread.Synchronize
009309a7 +2df KirjanpitoClient.exe STUpdateAgent   227 +71 TSTUpdateThread.Execute
008d4747 +02b KirjanpitoClient.exe madExcept               HookedTThreadExecute
004de501 +049 KirjanpitoClient.exe System.Classes          ThreadProc
0040c390 +028 KirjanpitoClient.exe System           16  +0 ThreadWrapper
008d462d +00d KirjanpitoClient.exe madExcept               CallThreadProcSafe
008d4692 +032 KirjanpitoClient.exe madExcept               ThreadExceptFrame
75a43368 +010 kernel32.dll                                 BaseThreadInitThunk
>> created by main thread ($fac) at:
00930660 +034 KirjanpitoClient.exe STUpdateAgent   128  +6 TSTUpdateThread.Create

thread $6e8:
77ca1f4f +0b ntdll.dll     NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll  BaseThreadInitThunk

thread $390:
77ca1f4f +0b ntdll.dll     NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll  BaseThreadInitThunk

thread $ed8:
77c9fd9a +0e ntdll.dll                      NtDelayExecution
75b63d36 +5f KERNELBASE.dll                 SleepEx
75b64607 +0a KERNELBASE.dll                 Sleep
008d462d +0d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4692 +32 KirjanpitoClient.exe madExcept ThreadExceptFrame
75a43368 +10 kernel32.dll                   BaseThreadInitThunk
>> created by main thread ($fac) at:
75cbd9be +00 ole32.dll

thread $d38 (TEventSendThread):
77c9f8da +00e ntdll.dll                                      NtWaitForSingleObject
77506944 +04f WS2_32.dll                                     connect
009ef965 +229 KirjanpitoClient.exe CRVioTcp          290 +55 TCRVioTcp.InternalConnect
009efd52 +26e KirjanpitoClient.exe CRVioTcp          401 +60 TCRVioTcp.TryConnect
009f2c08 +098 KirjanpitoClient.exe DBMonitorMessages 480 +16 TSocketMessagePacker.Open
009f3c34 +050 KirjanpitoClient.exe DBMonitorClient   261  +9 TDBMonitor.IsMonitorActive
009f409f +07f KirjanpitoClient.exe DBMonitorClient   415 +15 TEventSendThread.Execute
008d4747 +02b KirjanpitoClient.exe madExcept                 HookedTThreadExecute
004de501 +049 KirjanpitoClient.exe System.Classes            ThreadProc
0040c390 +028 KirjanpitoClient.exe System             16  +0 ThreadWrapper
008d462d +00d KirjanpitoClient.exe madExcept                 CallThreadProcSafe
008d4692 +032 KirjanpitoClient.exe madExcept                 ThreadExceptFrame
75a43368 +010 kernel32.dll                                   BaseThreadInitThunk
>> created by main thread ($fac) at:
009f3f47 +01b KirjanpitoClient.exe DBMonitorClient   368  +1 TEventSendThread.Create

thread $e98:
77c9f8da +0e ntdll.dll                      NtWaitForSingleObject
75b615c8 +92 KERNELBASE.dll                 WaitForSingleObjectEx
75a4118f +3e kernel32.dll                   WaitForSingleObjectEx
75a41143 +0d kernel32.dll                   WaitForSingleObject
008d462d +0d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4692 +32 KirjanpitoClient.exe madExcept ThreadExceptFrame
75a43368 +10 kernel32.dll                   BaseThreadInitThunk
>> created by thread $99c (TSTUpdateThread) at:
758a4ab7 +00 wininet.dll

thread $bac:
77ca1f4f +0b ntdll.dll     NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll  BaseThreadInitThunk

cpu registers:
eax = 00000000
ebx = 75a422b1
ecx = 00000000
edx = 77cdc36e
esi = 00000000
edi = 00000000
eip = 727f1ca0
esp = 07d4f5ec
ebp = 07d4f894

stack dump:
07d4f5ec  74 43 39 02 a0 42 39 02 - a0 42 39 02 00 00 00 00  tC9..B9..B9.....
07d4f5fc  00 00 00 00 00 00 00 00 - a4 1d 7f 72 01 00 00 00  ...........r....
07d4f60c  01 00 00 00 00 00 00 00 - 34 f6 d4 07 08 00 00 00  ........4.......
07d4f61c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f62c  58 f6 d4 07 38 02 00 00 - 00 00 00 04 00 00 83 00  X...8...........
07d4f63c  04 00 00 00 00 00 00 00 - 4c 00 4e 00 b0 66 34 02  ........L.N..f4.
07d4f64c  08 f9 d4 07 6c 04 00 00 - 00 00 00 00 0b 00 00 00  ....l...........
07d4f65c  30 00 4d 00 69 00 63 00 - 72 00 6f 00 73 00 6f 00  0.M.i.c.r.o.s.o.
07d4f66c  66 00 74 00 20 00 49 00 - 53 00 41 00 54 00 41 00  f.t. .I.S.A.T.A.
07d4f67c  50 00 20 00 41 00 64 00 - 61 00 70 00 74 00 65 00  P. .A.d.a.p.t.e.
07d4f68c  72 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  r...............
07d4f69c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f6ac  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f6bc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f6cc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f6dc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f6ec  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f6fc  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f70c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
07d4f71c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................

disassembling:
[...]
727f1c89   mov     edi, eax
727f1c8b   cmp     edi, esi
727f1c8d   jnz     loc_727f1ccf
727f1c8d
727f1c8f   lea     eax, [ebp-$250]
727f1c95   push    eax
727f1c96   lea     eax, [ebp-$24]
727f1c99   push    eax
727f1c9a   call    dword ptr [$727f109c]  ; RtlStringFromGUID (ntdll.dll)
727f1c9a
727f1ca0 > push    eax
727f1ca1   call    dword ptr [$727f1098]  ; RtlNtStatusToDosError (ntdll.dll)
727f1ca1
727f1ca7   mov     edi, eax
727f1ca9   cmp     edi, esi
727f1cab   jnz     loc_727f1ccf
727f1cab
727f1cad   lea     eax, [ebp-$240]
727f1cb3   push    eax
727f1cb4   push    1
727f1cb6   push    esi
[...]
madshi
Site Admin
Posts: 10753
Joined: Sun Mar 21, 2004 5:25 pm

Re: Randon Access Violation on dhcpcsvc6.DLL

Post by madshi »

I've no idea why it happens. FWIW, you could try to detect this specific crash and silently ignore it, but I don't know if the process will then continue to run fine or produce even more crashes.
Post Reply